Twitter in disaster mode: security architecture

SWID '11 Pub Date : 2011-12-06 DOI:10.1145/2079360.2079367

T. Hossmann, Paolo Carta, Dominik Schatzmann, F. Legendre, P. Gunningberg, C. Rohner

{"title":"Twitter in disaster mode: security architecture","authors":"T. Hossmann, Paolo Carta, Dominik Schatzmann, F. Legendre, P. Gunningberg, C. Rohner","doi":"10.1145/2079360.2079367","DOIUrl":null,"url":null,"abstract":"Recent natural disasters (earthquakes, floods, etc.) have show that people heavily use platforms like Twitter to communicate and organize in emergencies. However, the fixed infrastructure supporting such communications may be temporarily wiped out. In such situations, the phones' capabilities of infrastructure-less communication can fill in: By propagating data opportunistically (from phone to phone), tweets can still be spread, yet at the cost of delays.\n In this paper, we present Twimight and its network security extensions. Twimight is an open source Twitter client for Android phones featured with a \"disaster mode\", which users enable upon losing connectivity. In the disaster mode, tweets are not sent to the Twitter server but stored on the phone, carried around as people move, and forwarded via Bluetooth when in proximity with other phones. However, switching from an online centralized application to a distributed and delay-tolerant service relying on opportunistic communication requires rethinking the security architecture. We propose security extensions to offer comparable security in the disaster mode as in the normal mode to protect Twimight from basic attacks. We also propose a simple, yet efficient, anti-spam scheme to avoid users from being flooded with spam. Finally, we present a preliminary empirical performance evaluation of Twimight.","PeriodicalId":422910,"journal":{"name":"SWID '11","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"46","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SWID '11","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2079360.2079367","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 46

Abstract

Recent natural disasters (earthquakes, floods, etc.) have show that people heavily use platforms like Twitter to communicate and organize in emergencies. However, the fixed infrastructure supporting such communications may be temporarily wiped out. In such situations, the phones' capabilities of infrastructure-less communication can fill in: By propagating data opportunistically (from phone to phone), tweets can still be spread, yet at the cost of delays. In this paper, we present Twimight and its network security extensions. Twimight is an open source Twitter client for Android phones featured with a "disaster mode", which users enable upon losing connectivity. In the disaster mode, tweets are not sent to the Twitter server but stored on the phone, carried around as people move, and forwarded via Bluetooth when in proximity with other phones. However, switching from an online centralized application to a distributed and delay-tolerant service relying on opportunistic communication requires rethinking the security architecture. We propose security extensions to offer comparable security in the disaster mode as in the normal mode to protect Twimight from basic attacks. We also propose a simple, yet efficient, anti-spam scheme to avoid users from being flooded with spam. Finally, we present a preliminary empirical performance evaluation of Twimight.

查看原文本刊更多论文

灾难模式下的Twitter:安全架构

最近的自然灾害(地震、洪水等)表明，人们在紧急情况下大量使用Twitter等平台进行沟通和组织。但是，支持这种通信的固定基础设施可能会暂时中断。在这种情况下，手机的无基础设施通信功能可以发挥作用:通过机会主义地传播数据(从一个电话到另一个电话)，tweet仍然可以传播，但代价是延迟。在本文中，我们介绍了暮光之城及其网络安全扩展。Twimight是一个面向Android手机的开源Twitter客户端，具有“灾难模式”，用户可以在失去连接时启用该模式。在灾难模式下，推文不会发送到Twitter服务器，而是存储在手机上，在人们移动时随身携带，在与其他手机接近时通过蓝牙转发。但是，从在线集中式应用程序切换到依赖于机会通信的分布式和容忍延迟的服务需要重新考虑安全体系结构。我们建议进行安全扩展，以便在灾难模式下提供与正常模式下相当的安全性，以保护twilight免受基本攻击。我们还提出了一个简单而有效的反垃圾邮件方案，以避免用户被垃圾邮件淹没。最后，我们对《暮光之城》进行了初步的实证绩效评价。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

SWID '11

自引率

0.00%

发文量